package ${basepackage}.framework.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import ${basepackage}.framework.base.controller.BaseSpringController;
import ${basepackage}.framework.base.util.AppConstant;
import com.ncs.secon.toolkit.jse2e.SecureEncryptTools;

@Controller
@RequestMapping(value="/account")
public class LoginController extends BaseSpringController{

	private String getRSAPublicKeyJavaScript() {
		String js = SecureEncryptTools.getRSAPublicKeyJavaScript();
		System.out.println("JS 111.333= " + js);
		return js;
	}
	
	@RequestMapping(value="/logout",method=RequestMethod.GET)
	public String logout(HttpServletRequest request){
		
		HttpSession session = request.getSession();
		session.removeAttribute(AppConstant.SESSION_USER_ID);
		
		Subject subject = SecurityUtils.getSubject();
		if(subject != null){
			subject.logout();
		}
		return "redirect:/account/login";
	}
	
	@RequestMapping(value="/login",method=RequestMethod.GET)
	public ModelAndView login(String redirectURL,HttpServletRequest request){
		ModelAndView view = new ModelAndView();
        //把拦截前路径存下来，以便登入成功可以直接请求到登录前的页面
		ModelMap modelmap = new ModelMap();
		modelmap.addAttribute("redirectURL", redirectURL);
		modelmap.addAttribute("rsascript", getRSAPublicKeyJavaScript());
        view.setViewName("/account/login");
        view.addAllObjects(modelmap);
        return view;
	}
	
/*	@RequestMapping(value = "/login", method = RequestMethod.POST)
    public String submit(String username, String password, String redirectURL,
            HttpServletRequest request) {
		try {
			password = SecureEncryptTools.decryptPass(password);
		} catch (ToolkitException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		System.out.println("===============LoginSubmit");
		System.out.println("===============username====" + username);
		System.out.println("===============password====" + password);
		System.out.println("===============recirectURL====" + redirectURL);
        //模拟登陆成功 用户admin 密码admin的用户
        if (StringUtils.isNotBlank(username) && StringUtils.isNotBlank(password)
                && username.equals("admin") && password.equals("admin")) {
            //当登陆成功是，将用户信息存放到session中去
            HttpSession session = request.getSession();
            session.setAttribute(AppConstant.SESSION_USER_ID, "admin");
            if (StringUtils.isNotBlank(redirectURL)) {
                return "redirect:" + URLDecoder.decode(redirectURL);
            }
            return "redirect:/function/list";
        } else {
            if (StringUtils.isNotBlank(redirectURL)) {
                return "redirect:/account/login?" + URLDecoder.decode(redirectURL);
            }
            return "redirect:/account/login";
        }
	}
*/
	@RequestMapping(value = "/login", method = RequestMethod.POST)
	public String fail(@RequestParam(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM) String userName, Model model) {
		model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, userName);
		System.out.println("failed to login=====================");
		return "redirect:/account/login";
	}

}
